view src/main/java/app/bbs/ShowMessageWithTimeStampServlet.java @ 176:ac7d1070f449

sanitizing
author tatsuki
date Wed, 30 Jul 2014 22:17:23 +0900
parents 066f58e93a14
children 6f104ab4eb81

package app.bbs;

import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringEscapeUtils;
import org.eclipse.jetty.util.thread.ThreadPool;

import jp.ac.u_ryukyu.ie.cr.shoshi.jungle.bbs.BoardMessage;

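/**
 * Renders one bulletin board as an HTML page: the board title, its latest
 * renew time, a form for posting a new message, and one edit link per
 * existing message.
 *
 * <p>The board name arrives in the {@code bname} request parameter and is
 * therefore untrusted. It is written into three different output contexts,
 * and each needs its own encoding:
 * <ul>
 *   <li>HTML text and attribute values go through {@code bbs.sanitize};</li>
 *   <li>URL query values are percent-encoded and placed inside a quoted
 *       {@code href}, so the value cannot terminate the attribute or add
 *       further query parameters.</li>
 * </ul>
 */
public class ShowMessageWithTimeStampServlet extends HttpServlet {
	/** Serialization version required because HttpServlet is Serializable. */
	private static final long serialVersionUID = 1L;
	private final NetworkBulletinBoard bbs;
	private final String createBoardMessagePath;
	private final String editMessagePath;
	private final String showMatrixPath;

	private static final String PARAM_BOARD_NAME = "bname";

	/**
	 * @param _bbs                    board backend used to read messages and to sanitize output
	 * @param _createBoardMessagePath target of the "new message" form
	 * @param _editMessagePath        base path of the per-message edit links
	 * @param _showMatrixPath         base path of the "MatrixMode" link
	 * @param thp                     not used by this servlet; kept so existing callers compile
	 */
	public ShowMessageWithTimeStampServlet(NetworkBulletinBoard _bbs,
			String _createBoardMessagePath, String _editMessagePath, String _showMatrixPath,
			ThreadPool thp) {
		bbs = _bbs;
		showMatrixPath = _showMatrixPath;
		createBoardMessagePath = _createBoardMessagePath;
		editMessagePath = _editMessagePath;
	}

	/**
	 * Handles {@code GET}: writes the page for the board named by {@code bname}.
	 * Responds 400 when the parameter is missing and 500 when rendering fails.
	 */
	@Override
	public void doGet(HttpServletRequest _req, HttpServletResponse _res) {
		final String bname = _req.getParameter(PARAM_BOARD_NAME);
		if (bname == null) {
			// A missing parameter is a client error, not a server failure.
			_res.setStatus(HttpServletResponse.SC_BAD_REQUEST);
			return;
		}
		try {
			// Declare the media type explicitly so the browser does not have to
			// guess how to interpret a body that contains user-supplied text.
			_res.setContentType("text/html");
			_res.setCharacterEncoding("UTF-8");
			printBoard(bname, _res.getWriter());
		} catch (Exception _e) {
			// Record the cause; the client only sees the status code.
			log("failed to render board", _e);
			_res.setStatus(500);
		}
	}

	/**
	 * Writes the HTML page for one board.
	 *
	 * @param _bname board name as received from the request (untrusted)
	 * @param _pw    writer of the HTTP response
	 * @throws Exception whatever the board backend throws while reading
	 */
	private void printBoard(String _bname, PrintWriter _pw) throws Exception {
		// NOTE(review): bbs.sanitize is defined outside this file; it is assumed
		// to HTML-escape its argument. The hidden input below puts the result in
		// a single-quoted attribute, so confirm that it escapes ' as well as ".
		final String htmlBoardName = bbs.sanitize(_bname);
		// Percent-encoded form for use as a URL query value. The encoded text
		// contains no quote, space, '<', '>' or '&' characters.
		final String queryBoardName = encodeQueryValue(_bname);

		_pw.write("<html><body>\n");
		_pw.write("<h1>" + htmlBoardName + "</h1>\n");
		// NOTE(review): getRenewTime's return type is not visible here; if it can
		// carry user-influenced text it needs the same escaping as the title.
		_pw.write("<p>Latest renew time : " + bbs.getRenewTime(_bname)
				+ "</p>\n");

		// The opening tag was previously left without its closing '>'.
		_pw.write("<form action='" + createBoardMessagePath + "' method='POST'>\n");
		_pw.write("<p>Author : <input type='text' name='author'/> <input type='hidden' name='bname' value='" + htmlBoardName + "'/> EditKey : <input type='textarea' name='key'/></p>\n");
		_pw.write("<p>Message<br/> <input type='textarea' name='msg'/> </p>\n");
		_pw.write("<p><input type='submit' value='submit'/></p>\n");
		_pw.write("</form>\n");
		_pw.write("<small><a href=\"" + showMatrixPath + "?bname=" + queryBoardName
				+ "&amp;uuid=\">MatrixMode</a></small><br>");

		// One entry per message: the author, then the message text as a link to
		// the edit page.
		for (BoardMessage msg : bbs.getMessages(_bname)) {
			_pw.write("<hr/>");
			_pw.write("<p> Author <b>" + bbs.sanitize(msg.getAuthor()) + "</b></p>");
			_pw.write("<small><a href=\"" + editMessagePath + "?bname=" + queryBoardName
					+ "&amp;uuid=" + encodeQueryValue(String.valueOf(msg.getUUID()))
					+ "\">" + bbs.sanitize(msg.getMessage()) + "</a></small><br>");
		}

		_pw.write("</body></html>");
		_pw.flush();
	}

	/** Percent-encodes a value for use in a URL query string (UTF-8). */
	private static String encodeQueryValue(String _value) {
		try {
			return URLEncoder.encode(_value, "UTF-8");
		} catch (UnsupportedEncodingException _e) {
			// Every Java platform is required to support UTF-8.
			throw new IllegalStateException("UTF-8 is not available", _e);
		}
	}
}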